How to Install Nextcloud 12 Server on Debian 9 with HTTPS

Nextcloud 12 Server is an open source cloud storage server app that can be run on Debian 9 with the help of a typical LAMP stack. Featuring an easy-to-use Web GUI, Nextcloud comes with File Sync, Calendar, Contacts, Todos, and other useful cloud-based apps that help to keep your life organized.

In this tutorial, you will learn how to install Nextcloud 12.0.1 on Debian 9 Stretch using a Vultr VPS (or any VPS, really). Your new Nextcloud 12 server will be HTTPS-enabled with TLSv1.2 and HTTP Strict Transport Security (HSTS). As an optional step, we’ll also show you how to add support for HTTP/2.

Prerequisites

You will need a shiny new VPS. If you don’t have one, we recommend that you sign up with Vultr because that’s what we use here at TechWombat. (Plus, we get commissions on the link so you can help keep these awesome tutorials coming.)

You must have your own domain name – e.g. example.com – because you are going to get a free SSL certificate from Let’s Encrypt and they do not issue certificates for IP addresses. If you don’t have a domain name, you will have to create your own self-signed SSL/TLS keys, which we won’t be covering in this guide.

You should know how to log in to a VPS using SSH keys, either with PuTTy (Windows) or the Linux terminal. See this helpful article, “How Do I Generate SSH Keys” for help on creating SSH keys and logging in to a VPS with them.

Step 1: Deploy Debian 9 on a new VPS instance

We are running a Vultr VPS for demo purposes, but you can use DigitalOcean or another VPS host. If you also use Vultr, go to https://my.vultr.com and click the “Deploy New Server” button.

For Server Type: Choose 64 bit OS > Debian 9 x64.

For Server Size: Nextcloud can run on a sandbox server with 512MB RAM, however a server with 1024MB RAM or higher is recommended.

Deploy your server now and log in as root using SSH.

Step 2: Install essential server packages

On Debian, you need to install the sudo package before creating a non-root superuser. You should get sudo now, as well as a few essential packages while you’re at it.

Use apt with the -y option to upgrade and install packages without any confirmation prompts:

apt update
apt upgrade -y

Install the following packages:

apt install -y sudo passwd unzip ssh ufw

Step 3: Create a new sudo user for SSH access

We will be using root for all the commands that follow, but you have to set up a new user with sudo rights and add the SSH keys for this user so you can log in later.

Step 6: Set up Nextcloud database with MariaDB / MySQL

Although you installed the mysql-server package, MariaDB 10.1+ was installed because it is the default MySQL server software in Debian 9. For our purposes, the commands for MariaDB are identical to MySQL, so they can be used whether you choose to use MariaDB or MySQL Server.

First off, secure your fresh MariaDB installation with this command (Enter Y at each prompt):

sudo mysql_secure_installation

To log in to the MariaDB client, enter the following and type your MariaDB root password:

sudo mysql -u root -p

Now you can create your Nextcloud database with the following MySQL commands. Keep your database details handy, as you will use them to finish the installation via web browser soon.

Substitute <database_name>, <database_user>, and <database_user_password> with your own values:

Step 9: Enable HTTPS

If you haven’t done so already, you now need to point your domain name at your VPS IP address. To validate the SSL certificate, you have to ensure your domain name is live and resolvable.

Get an SSL certificate using certbot

The Electronic Freedom Foundation (EFF) provides an automated way to retrieve Let’s Encrypt certificates with a Python package called certbot.

Note: A reader has pointed out that some of the steps below might not work for all scenarios. If you run into any issues, see the official Certbot Installation steps and try an alternative method (e.g. using certbot-auto).

Use apt to install certbot:

sudo apt install certbot

Also install python-certbot-apache, which will configure Apache automatically for HTTPS, based on our current 000-default.conf Virtual Host file:

sudo apt install python-certbot-apache

To acquire a new SSL certificate with certbot, type:

sudo certbot --apache

Enter “1” at the prompt shown below:

Which names would you like to activate HTTPS for?
-------------------------------------------------------------------------------
1: example.com
-------------------------------------------------------------------------------

You must provide your email address, and then enter “A” to accept.

Enter ‘2’ (Secure) when prompted at the next step, to enable redirecting HTTP to HTTPS:

Hint: max-age=15768000 is 157,668,000 seconds, which sets the HSTS header’s expiry to 5 years.

Enable the Apache headers module:

sudo a2enmod headers

Restart Apache:

sudo service apache2 restart

Step 10: Upgrade HTTP/1.1 to HTTP/2

HTTP/2 became the new HTTP standard in 2015 and it offers several improvements over HTTP/1.1. One advantage of HTTP/2 is that it uses binary instead of textual communication between the server and browser, making data transfer more efficient. It also enables you to serve multiple requests over a single TCP connection with the use of multiplexing.

Step 11: Configure php.ini to allow large uploads

PHP 7’s maximum upload size is set to a measly 2MB which is not suitable for a cloud storage server.

To set more reasonable PHP upload limits for Nextcloud, open the php.ini file with nano or vim:

sudo nano /etc/php/7.0/apache2/php.ini

In the php.ini file, search for:

post_max_size = 8M and change 8M to 256M or higher.

upload_max_filesize = 2M and change 2M to a higher value as above.

max_file_uploads = 20 and change 20 to a higher value like 200.

memory_limit = 128M and change the limit to 256M or 512M if your VPS has the RAM for it.

Save the file and exit.

Restart Apache one last time for good measure:

sudo service apache2 restart

Step 12: Complete the Nextcloud installation via web browser

Type your domain name into your browser and you will be greeted with the Nextcloud web installer page. This is the final step of the installation, and takes only a minute to complete. Here is a screenshot:

Related Posts

https://techwombat.com/install-nextcloud-12-server-debian-9-https/https://techwombat.com/wp-content/uploads/2017/08/install-nextcloud-12-debian-9-https-ssl.pnghttps://techwombat.com/wp-content/uploads/2017/08/install-nextcloud-12-debian-9-https-ssl-150x150.png2017-08-25T20:33:11+00:00Tom DavisTutorialsdebian,https,linux,nextcloud,server tutorials,vps tutorials,vultr tutorialsNextcloud 12 Server is an open source cloud storage server app that can be run on Debian 9 with the help of a typical LAMP stack. Featuring an easy-to-use Web GUI, Nextcloud comes with File Sync, Calendar, Contacts, Todos, and other useful cloud-based apps that help to keep your...Tom DavisTomDavistomdavis@mailblip.comAuthorTom is a technical contributor at TechWombat. He enjoys writing about IT, open source, electronics, and other geeky arcana.TechWombat